Skip to main content

Amazon S3

Files.com's integration with Amazon S3 allows you to integrate with files on a Amazon S3 bucket in several different ways.

Files.com's Remote Server Mount feature gives you the ability connect a specific folder on Files.com to the remote server in a real time manner.

That folder then becomes a client, or window, accessing the files stored in your remote server or cloud.

Once you configure a Mount, any operation you perform on or inside that folder will act directly on the remote in real time. Whether you are dropping a file into that folder, deleting a file, creating a subfolder, or performing any other file/folder operations your Files.com user has permissions for, those operations will "pass through" to the remote in real time.

This powerful feature enables a wide variety of use cases such as accessing files on a counterparty (client or vendor)'s cloud without provisioning individual access to individual users, reducing storage costs by leveraging on-premise or bulk storage solutions, enabling applications to access 3rd party clouds via Files.com API, FTP, SFTP, or Files.com Apps and many more

Alternatively, Files.com's Remote Server Sync feature give you the ability to push or pull files to or from remote servers. This means that the files will exist in both places at the end of the sync process.

A remote sync can be a "push", where files from your Files.com site are transferred to the remote server, a "pull" where files are transferred from the remote server to your Files.com site, or a two-way "sync" where files that are new or changed in either location are pushed and pulled to maintain a synchronized state between the folder on your Files.com site and that on the remote server.

Add Amazon S3 as a Remote Server

Add a new Remote Server to your site, and select Amazon S3 as the server type.

You must provide an Internal name for this connection. If you're managing multiple remote servers, make the name clear enough to easily identify this particular connection.

The Region and Bucket are required, because they define which bucket Files.com will connect to, and the Authentication Information contains the credentials Files.com will use for connecting to AWS.

Region and Bucket

Files.com supports connecting to S3 buckets in many regions, even regions where Files.com itself doesn't have an AWS presence. This includes Govcloud. We are happy to expand our list of supported regions; please contact us if you have a need to access a region you don't see listed.

Files.com requires full access to the Bucket being used, so we recommend creating a bucket for the exclusive use of Files.com.

AWS Region

The AWS Region Code of your S3 bucket name can be found by using the get-bucket-locationExternal LinkThis link leads to an external website and will open in a new tab command of the AWS CLI tool. You can cross-reference the region code and region name using Amazon's online documentationExternal LinkThis link leads to an external website and will open in a new tab.

Bucket Name

Your Amazon S3 bucket name can be found in the Amazon AWS Console, within the Amazon S3 sectionExternal LinkThis link leads to an external website and will open in a new tab, under the Buckets list.

Authentication Information

Files.com uses an Access Key and Secret Key to authenticate requests, following the protocol established by AWS for S3. You will use AWS IAM to create an IAM user for Files.com.

After generating the IAM User, copy its Access Key and Secret Key to Files.com.

Minimal Permissions for Full Access

You will need to apply a policy to the IAM user to grant it full permissions to the bucket being used.

These permissions represent the minimum required for Files.com to function correctly with your S3 bucket.

To use the below example, replace <Your IAM User ID> with the 12 digit IAM ID of the user, replace <Your IAM User Name> with the IAM user name of the user, and replace <bucketname> with your bucket name.

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": {
        "AWS": "arn:aws:iam::<Your IAM User ID>:user/<Your IAM User Name>"
      },
      "Action": [
        "s3:ListBucket",
        "s3:GetBucketLocation",
        "s3:PutObject",
        "s3:PutObjectAcl",
        "s3:GetObject",
        "s3:GetObjectAcl",
        "s3:DeleteObject"
      ],
      "Resource": [
        "arn:aws:s3:::<bucketname>",
        "arn:aws:s3:::<bucketname>/*"
      ]
    }
  ]
}

Read-Only Permission

Access to the S3 bucket is determined by the policies and permissions in Amazon S3External LinkThis link leads to an external website and will open in a new tab.

If your S3 bucket is read-only, or you wish Files.com to be restricted to read-only permissions, then configure the S3 user policy (replace <bucketname> with your bucket name) as below:

{
   "Version": "2012-10-17",
   "Statement": [
      {
         "Effect": "Allow",
         "Action": [
           "s3:GetObject",
           "s3:ListBucket",
           "s3:GetBucketLocation"
         ],
         "Resource": [
           "arn:aws:s3:::<bucketname>",
           "arn:aws:s3:::<bucketname>/path/to/subfolder/*"
         ]
      }
   ]
}

Bear in mind that the bucket policy permissions are completely separate from Files.com permissions.

When you set the bucket policy to read-only then you should ensure that any Files.com users with permission to access this bucket should also be set to read-only user permissions.

Add Remote Server Mount

Remote Server Mounts are created by mounting them onto an empty folder in Files.com. This folder should not be the Root of your site, although that is supported if you need it.

Add Remote Server Sync

After creating the Amazon S3 Remote Server, you can use it to perform Remote Syncs between your bucket and Files.com.

Get Instant Access to Files.com

The button below will take you to our Free Trial signup page. Click on the white "Start My Free Trial" button, then fill out the short form on the next page. Your account will be activated instantly. You can dive in and start yourself or let us help. The choice is yours.